<?php

include '../../config.php';

if(strlen($_GET['image_id']) > 0)
{
	$hash = md5(SALT.$_GET['image_id'].SALT);

	if($hash == $_GET['image_hash'])
	{
		$image = mysql_fetch_array(mysql_query("SELECT * FROM ".DB_PREFIX."yaps_gallery_images WHERE id = ".$_GET['image_id']));
		mysql_query("DELETE FROM ".DB_PREFIX."yaps_gallery_images WHERE id = ".$_GET['image_id']);
		mysql_query("UPDATE ".DB_PREFIX."yaps_gallery_sections SET photo_count = photo_count - 1 WHERE id = ".$image['section']);
		unlink('../../'.$image['file']);
		unlink('../../'.$image['thumb']);
	}
}
elseif(strlen($_GET['image_list']) > 0)
{
	$list = explode('#',$_GET['image_list']);
	$position = 1;

	for($i = 0; $i < sizeof($list); $i++)
	{
		$id = substr($list[$i],1);
		if(strlen($id) > 0)
		{
			mysql_query("UPDATE ".DB_PREFIX."yaps_gallery_images SET position = ".$position." WHERE id = ".$id);
			$position++;
		}
	}
}

?>
